ClawHub

Question Explanation

v0.1.1

Generate a complete HTML tutorial that explains one or more problems with clear reasoning and embedded SVG or Canvas visuals. Use this skill whenever the use...

0· 78·0 current·0 all-time
by@vaintwyt
MIT-0
Download zip
LicenseMIT-0 · Free to use, modify, and redistribute. No attribution required.
Security Scan
VirusTotalVirusTotal
Benign
View report →
OpenClawOpenClaw
Benign
high confidence
Purpose & Capability
The name and description match the SKILL.md: it produces a complete HTML tutorial with SVG/Canvas visuals. It does not request unrelated binaries, credentials, or config paths, so required capabilities are proportionate to the stated goal.
Instruction Scope
The instructions are narrowly focused on generating a complete HTML file with embedded SVG/Canvas and saving/sending it to the user. They explicitly require reading question content from an uploaded image or text, which is expected for this use case. Note: the skill enforces strict behavioral rules (e.g., 'generate silently', 'respond only once after the file is saved', and a specific final response string). Those are operational constraints rather than security risks, but they are prescriptive and may limit normal conversational fallbacks.
Install Mechanism
No install spec or external downloads are present; this is instruction-only so nothing is written to disk by an install step. This is the lowest-risk install posture.
Credentials
The skill requests no environment variables, credentials, or config paths. There are no disproportionate or unexplained secrets requested.
Persistence & Privilege
always is false and the skill does not request persistent system-wide changes or modifications to other skills. Autonomous invocation is allowed by default (normal for skills) and does not combine with other concerning privileges here.
Assessment
This skill appears internally consistent: it only instructs the agent to produce and send a complete HTML tutorial with embedded SVG/Canvas and does not ask for credentials or install anything. Things to consider before installing: (1) the generated HTML may include JavaScript that will run in your browser—only open files you trust; (2) the skill enforces a single-file output workflow and a specific final message, which is operationally strict but not inherently malicious; (3) if you are uncomfortable with skills being invoked autonomously, disable autonomous invocation in your agent settings (autonomy is the platform default, not a property unique to this skill). If you want additional assurance, ask the author for an example generated HTML so you can inspect it prior to trusting outputs.

Like a lobster shell, security has layers — review code before you run it.

latestvk976bs27d6nveb45f7hcggdy6s83nnma

License

MIT-0
Free to use, modify, and redistribute. No attribution required.
Termshttps://spdx.org/licenses/MIT-0.html

Comments